3.2 Coreboot Laptop Options

In the last section, we explained why it is important to get a laptop with the Coreboot Startup program rather than the UEFI startup program. Unfortunately, there are very few computer companies producing computers with Coreboot. For example, a company called Minifree produces the only computer certified by the Free Software Foundation. It is a 12 inch laptop that costs about $600 and uses an offshoot of Coreboot called Libreboot. They also sell a 14 inch model for $900. However, these supposedly “state of the art” computers are actually 2008 Lenovo Thinkpads with some minor alterations. Equally bad, neither of these computers have wide enough screens to allow side by side editing. In fact, the screen resolution on these two computers is only 1280 x 800. Side by side editing requires at least a 15 ½ inch high resolution 1920 x 1080 screen if you want to have a browser and document open at the same time on your desktop.

Here is the screen difference between a 15 ½ inch screen and a 13 inch screen. Note that these screens are measured on the diagonal. The actual width of these screens is about one and one half inches less. In other words, the 15 ½ inch screen is 14 inches wide and the 11 ½ inch screen is only 10 inches wide:

As we explained earlier, the most common Linux computer makers, System 76, Think Penguin and Emperor Linux all sell computers with UEFI – basically making all of them unreliable and nearly worthless for anyone who wants to assure control over their computer and over their data. There is only one laptop with a 15 ½ inch screen, Coreboot and a full Linux operating system pre-installed. It is the Purism Librem 15. The Librem 15 comes with a version of the Linux Debian operating system called PureOS. This is a good operating system. But it is not as easy to use as the Linux Mint operating system. Thus, if you want a 15 ½ inch laptop prebuilt with Coreboot and Linux Mint preinstalled, you are currently out of luck. If you want security, privacy and safety, and is easy to use, the only way to get it is to create your own Linux computer by converting a 15 ½ inch Chromebook laptop to a Linux Mint laptop.

In the past, the easiest way to create your own Linux computer was to convert any Pre-UEFI Windows computer (or Pre-UEFI Apple computer). This included almost any Windows XP, Windows Vista or Windows 7 computer made between 2005 to 2011. The five steps are to put all of your documents on a jump drive, then download Linux Mint and create a Linux Mint Live USB stick. Then set the BIOS of the computer to boot from a USB. Then start the computer with the Live USB Stick in place. Linux Mint will replace Windows. Add back your documents to the Mint File Manager and you are free! The problem with this process is that as time goes by, there are fewer and fewer older computers. Also, older computers, and especially older laptops, tend to suffer from problems such as the keyboard going bad, the screen going blank and the hard drive crashing. All of these things can be replaced. But older computers are not as reliable as a new computer with a new keyboard, a new computer screen and a new hard drive.

If you want a secure new computer, your only options are a Chromebook or Librem. The least expensive option is to purchase and alter a Chromebook. This is because Chromebooks and Librem are the only new computers that come with the Coreboot startup program. There are three categories of Chromebooks – Chromeboxes which are desktop computers that attach to an external monitor and keyboard, Chromebases that include a large attached monitor and keyboard and Chromebook laptops that include a monitor and keyboard for folks who need more mobility. Because Chromebook laptops are by far the most popular option, we will first look at Chromebook laptop options. (Chromeboxes can be upgraded in nearly the same process as Chromebooks while Chromebases are harder).

Only one model of Chromebooks can be used for Side by Side Editing

The problem with Chromebook laptops is that up until 2015, all Chromebook screens were simply too small or had too low of a resolution to do side by side editing. Thankfully, there is finally a 15 ½ inch Chromebook with a high resolution 1920 x 1080 screen. It is called the Acer C910. It is also called the “Education 15” Chromebook because it comes with a special shock resistant black case designed for younger students.

Why The Acer C910 is a Revolution in Computer Technology

The Acer C910 may be the most important new computer ever introduced. Historically, full sized, fully functioning laptops with high resolution screens and fast processors have cost more than $1000. Adding commercial software often doubled this price. This high price put fully functioning laptops outside the range of most low income parents and cash starved school districts to purchase for their students. The Acer 910 has a retail price of $270 and comes with a 32 GB Solid State Drive. It can be upgraded to a 256 GB Solid State Drive for $99. This puts its retail price with a large hard drive at $370 – making it much more affordable for parents and schools than any fully functioning laptop ever. Here is a chart comparing the Acer C910 to previous Google Chromebooks.

Brand Model

Acer C710

HP 14

Toshiba 2

Acer C910

Year

2012

2013

2014

2015

Retail

$200

$300

$300

$300

Width x Height*

10 x 6

12.5 x 7.5

11.5 x 6.5

14 x 8

Screen Area*

60

94

75

112

Resolution

1366x768

1366x768

1920x1080

1920x1080

Processor

Celeron 847

Celeron 847

Celeron 3215U

Celeron 3205U

RAM

2GB

2GB

4GB

4GB

Battery Life

4 Hours

5 Hours

8 Hours

9 Hours

SSD GB

16GB

16GB

32GB

32GB

Weight (lbs)

3.2

4.1

3.2

4.8

* This is the actual screen area inside dimensions, not the outside dimensions.

Since its introduction in 2012, the Acer C710 has been one of the most popular laptops in existence for parents and school districts to buy for their students. This was due primarily to its low price of $200 retail (which school districts were able to get for much less when bought in lots of one thousand or more.

There were however several drawbacks to the Acer 710. The first was its screen size which was only 10 inches by 6 inches (measuring the actual interior dimensions). This not only meant a small screen that was difficult to read and did not display much content, but also a small keyboard that was difficult for bigger hands to type on. The Acer C710 also came with a low speed processor, a limited battery life and a very small 16 GB Solid State Drive.

In 2014, Toshiba introduced the first low cost Chromebook with a high resolution screen. It currently comes with a high speed state of the art processor for only $300. However, it does not come with a reinforced shell. It also only has a “13 inch” screen that is actually only 11 ½ inches by 6 ½ inches, making it too small to view two windows side by side.

Thankfully, in 2015, Acer introduced the C910 which has the same high resolution 1920 x 1080 screen as the Toshiba 2. However, the screen area on the Acer C910 is nearly 50% bigger than the screen area on the Toshiba 2 – 112 square inches versus 75 square inches. This makes the Acer C910 the first low cost laptop in existence to allow for side by side editing – where a student can have two 7 inch wide document or browser windows open and viewable in a side by side format and view the text in each window clearly without eye strain.

Four Versions of the Acer C910.. But Only Three with High Resolution Screens!

There are four versions of the Acer C910. All four look exactly alike as all four have 15.6 inch screens (which are actually 14 inch by 8 inch screens).

The least expensive version (Model 453) has only a low resolution 1366 x 768 pixel screen which is blurry and can cause a lot of eye strain. So we will avoid this version.

That leaves three options with 1920 x 1080 high resolution screens – the difference being that they have three different versions of the latest Intel Broadwell processor. These versions are marketed using the trade names “Celeron, Core i3 and Core i5.”

Here is a chart comparing three versions of the Acer C910:

Model

Acer C910 - C37P

Acer C910-3916

Acer C910-54M1

Retail

$270

$450

$500

Processor

Broadwell

Celeron 3205U

Broadwell Core i3

Broadwell Core i5

RAM

4 GB

4 GB

4 GB

SSD

32 GB

32 GB

32 GB

Screen Resolution

1920 x 1080

1920 x 1080

1920 x 1080

All three of these new Broadwell processors are much faster and more efficient that previous versions of he Celeron, i3 and i5 processors. The new Celeron Acer C910 retails for $270. Because Linux is about 4 times faster than Windows, and because the new Celeron Broadwell processor is about twice as fast as a 4 year old Celeron processor, and because the Solid State Hard Drives in all three options are about 50 times faster than the traditional hard drives most people are used to, there is no need for most people to get anything faster than the new Celeron processor when using Linux.

Why a High Speed Processor is not needed on the Acer C910

No matter how fast your processor is, your computer is limited by its slowest component which is the hard drive. Even the fastest hard drive is extremely slow when compared to your processor. The bigger your operating system and other programs are, the worse this problem becomes. Traditional hard drives aka HDDs are limited by the fact that they are made up of physical, moving parts. By sharp contrasts, Solid State Drives or SSDs have no moving parts. This allows them to be dramatically faster than SSDs even though SSDs use half the power of HDDs. Even the slowest SSD is about 50 times faster than the fastest HDD.

A Solid State Drive is smaller, faster and more durable (shock resistant) than a traditional spinning hard drive:

To determine the speed of your computer system, you also have to consider the operating system that is driving the application or end program. Since the Linux operating system is one fifth the size of the Windows operating system, it loads any application 5 times faster than the Windows operating system.

Therefore, a Linux operating system using a 1.5 GHz Broadwell Celeron processor will be 50% faster than a Windows operating system using an Intel 2.2 GHz i5 processor. This is why we recommend the 1.5 Ghz Celeron version of the Acer C910 Chromebook. Replacing the Chrome operating system with the Linux Mint operating system results in a fully functional computer that is many times faster than any previous low cost laptop.

Because the Acer Celeron C910-C37P is the laptop we recommend for most people, including schools and students, we will focus the rest of this chapter on how to convert the Acer Celeron C910 with the 1920 x 1080 screen to a Linux 15 ½ inch fully functioning laptop – a laptop that will be better than any laptop in existence at any price just two years ago. Before we begin describing the conversion process, we will review some of the benefits of this revolutionary new laptop.

There are at least five major innovations that come with the Acer C910 Chromebook:

#1 The ability to do dual screen side by side editing – thanks to the high resolution 15 inch screen.

#2 5th Generation Broadwell Computer Processing Unit (CPU) The Acer C910 uses the Fifth Generation Broadwell CPU. The Fifth Generation Broadwell processor is a Fourth Generation Intel Haswell processor that has been shrunk in size with the addition of about 30% more transistors with 1.3 billion compared to 1 billion transistors for the Haswell processor. This huge increase in the number of transistors is possible because Broadwell transistors are only 14 nanometers while Haswell transistors are 22 nanometers. Just 8 years ago, transistors were 65 nanometers. For comparison, a human hair is 90,000 nanometers. Here is what the Fifth Generation Broadwell Chip looks like:

Because the Broadwell chip is 30% more efficient than the Haswell chip, the Broadwell processor extends the battery life up to 9 hours. But the increase in battery life is only part of the improvement. The real benefit of all the extra transistors in a smaller space, at least in terms of Chromebook laptops, is the ability to display a bigger higher resolution screen – and still have a one hour longer battery life. It is this combination of performance and efficiency that makes Broadwell the best processor ever available in an inexpensive laptop. Broadwell also runs cooler than Haswell and is therefore quieter so it is less likely to turn on the fan. This is an important feature when one is doing video conferencing.

#3 4 GB RAM The Acer C910 comes standard with 4 GB of RAM allowing us to view and process videos on a high speed Internet connection without the screen freezing. The RAM is soldered in place in the Acer C910 and cannot be changed. It is therefore important to have 4 GB RAM pre-installed. Thankfully, all four versions of the Acer C910 come with 4 GB of RAM pre-installed.

#4 Replaceable Solid State Drive (SSD) The C910 also allows an easier upgrade to a bigger 256 GB Solid State Drive – allowing us to increase the storage capacity of the laptop by 1000% for a mere $100. Some Chromebooks have a soldered Solid State Drive meaning they cannot be upgraded. This presents a problem when the SSD on Chromebooks is only 16GB to 32GB. Linux Mint will take up about 6GB leaving only 10GB for all of your other programs, images, videos and other documents.

Many Chromebooks do not have an upgradeable SSD. For example, even the most expensive and most recent Chromebook, called the Pixel 2, does not have an upgradeable SSD. For a complete table of models that can be upgraded and the type of SSD required for upgrade, see the following page: https://wiki.archlinux.org/index.php/Chrome_OS_devices/Chromebook

The Acer C910 has a removable 32GB SSD. The fact that it is removable allows us to replace it with a 256GB SSD for an additional $100. A larger SSD helps our computer run faster, while also slightly increasing battery life due to lower power consumption. It is best to upgrade the SSD before replacing the Chrome Operating System with a full Linux operating system as the operating system is actually installed onto the hard drive. We will shortly explain how to replace the 32 GB SSD with a 256GB SSD.

#5 Legacy Boot allows us to replace Chrome OS with Linux Mint Broadwell also features an important development for Chromebooks called Legacy Boot. In the past, it was difficult to completely replace the Chrome Operating System with a full Linux operating system. The addition of Legacy boot makes this process much easier. The Acer C910 therefore provides a process to easily replace the Chrome Operating System with a fully functioning Linux Mint operating system. After this replacement, students are not only able to process documents, videos and images offline, but they have access to thousands of free open source programs to process these documents, images and videos. These free open source programs are often better than commercial programs costing thousands of dollars. In short, the Acer C910, after upgrading to a 256 GB Solid State Drive and the Linux Mint operating system, opens up a whole new world of educational opportunities for students while saving parents and school districts thousands of dollars per student. In our next articles and videos, we will describe how to upgrade the SSD to 256 GB and how to replace the Chrome operating system with the Linux Mint operating system.

What about Skylake versus Broadwell? Computer processors, which are sometimes called chips and other times called CPUs, (which stands for Central Processing Units) come in a bewilderingly large number of options with all kinds of names – and even huge numbers of sub-divisions within names. We will briefly sort out this mess by making a few general statements. In 2016, Intel introduced a new processor called Skylake that is even faster than the Broadwell processor. But we are thrilled with the function of the Broadwell processor in the Acer C910. The following is a table showing the rapid progress made by Intel processors in the past 6 years.

Rapid Evolution of Processors Since 2010

Intel

Generation

Processor

Name (year)

Transistor Size

(Nanometers)

Average Laptop

Battery Life

# of transistors

(billions)

3rd

Ivy Bridge (2012)

22nm

6 hours

.8

4th

Haswell (2013)

22nm

7 hours

1.0

5th

Broadwell (2015)

14nm

8 hours

1.3

6th

Skylake (2016)

14nm

9 hours

1.4

7th

Kabylake (2017)

14nm

9.5 hours

1.5

8th

Cannonlake (2018)

14nm

10 hours

1.6

You can tell which generation a chip is from by the first number in the model name. So an i5-5200U is a 5th generation Broadwell processor. Note that while Broadwell is significantly smaller that Haswell, Skylake is the same transistor size as Broadwell. Thus, while there is a huge performance boost moving from Haswell to Broadwell, there is only a small performance boost moving from Broadwell to Skylake. For example, a Broadwell i5 processor running Linux would still be much faster than a Skylake i7 processor running the bloated Windows 10 operating system.

Comparing Intel Brands = Number of Cores

Intel Brand

# Cores

Turbo Assist

Approx. Cost*

Top Speed***

% of Users**

Celeron

2

No

$100

80 MPH

90%

I3 Broadwell

2

No

$200

100 MPH

??

I5 Broadwell

2

Yes

$300

120 MPH

9%

I7 Skylake

2

Yes

$400

140 MPH

1%

* For Low Voltage High Battery Life models (cost twice a normal desktop chip) ** Assuming running Linux on an SSD drive. *** We are using an estimate compared to normal speeds for driving cars. For a more detailed comparison of various processor model speeds and prices, see this link: https://www.cpubenchmark.net/laptop.html To test your own computer speed online, go to this link: https://browserbench.org/Speedometer/

At the Speedometer test above, which is the official benchmark tester for Chromebooks, we measured the Acer C910 with the Celeron processor to be about 70 and the Acer C910 with the i5 processor to be about 110. Turbo Assist can boost the speed temporarily by about 50%. Note that the graphics card used will typically be much more important than the processor. Also, as we noted before, both the operating system (Linux) and the type of drive (SSD) will have a much greater effect than on speed than the processor brand or generation. Because the number of cores is much more important than hyper threading, reviewers such as Ars Technica have concluded that i5 processors are “probably represent the best balance of price and performance for high-end users... jumping from a Pentium or Core i3 to a Core i5 will get you a much larger performance bump than jumping from an i5 to an i7.”

We agree. Given that the i5 is only $50 more than the i3 and comes with twice the speed thanks to Turbo Assist, we think it is a much better deal for nearly all high demand users than the i3. On the other hand, the added benefit of the i7 processor, whether it is Broadwell i7 or Skylake i7 is hard to justify. Think of it this way, why would you need a car that does 140 MPH when you rarely drive about 70 MPH? The only people who need to go 140 MPH are race car drivers. The rest of us would never notice the difference between a car that does 120 MPH and a car that can do 140 MPH.

Comparing Three Coreboot Laptop Options

Feature

Acer C910

Celeron

Acer C910

i5

Purism Librem 15

Base Cost

$270

$510

NA

Cost with 256 GB SSD

$370

$610

$1600

Coreboot with 2 cores

Yes

Yes

Yes

Installed Operating System

Linux Chrome

Linux Chrome

Linux Debian PureOS

Can Convert to Mint?

Yes

Yes

Yes

GB RAM

4 GB

4 GB

8 GB

Processor (screen resolution 1920 x 1080)

Broadwell Celeron 3205U

Broadwell i5 5200U

Skylake i7 6500U

Processor RAM

3 MB

3 MB

4 MB

Clock Speed

1.5 GHz

2.2 GHz

3.1 GHz

Turbo Speed

NA

3.4 GHz

4.0 GHz

Availability

Yes

Yes

One month wait

Ease of Install

Moderate

Moderate

Easy

Ease of Use

Easy

Easy

Moderate

Backlite Keyboard

No

Yes

Yes

Intel Management Engine Off

Yes

Yes

Yes

Works with DistroTweaks

Yes if OS replaced with Linux Mint

Yes if OS replaced with Linux Mint

Not unless OS is replaced with Linux Mint.

The Acer C910 does require some work to add the 256 GB SSD and to replace the Chrome operating system with Linux Mint. The entire process takes about one hour. Thankfully our DistroTweak packages makes adding over 20 programs extremely fast – taking just a matter of minutes. The Librem laptop takes about 30 minutes to convert to Linux Mint – at which point you could use our DistroTweak packages to add dozens of programs in a couple of minutes.

Why Has the Celeron Processor Gotten Such Bad Press?

We realize we are going against the grain by recommending the Celeron processor for most users. But recommend Celeron because we are assuming our users will also be using the Linux operating system and a solid state drive. If you read articles about the Celeron processor, reviewers tend to condemn it as being very slow. What is slow is not the Celeron processor. Rather it is the Windows operating system. For example, if you are running Linux with the Celeron processor and your car has a top speed of 80 MPH the same car would only be able to go 40 MPH using the Windows operating system. Of course, 40 MPH is not acceptable. But what needs to be improved is not the processor, but the operating system. Let’s take another example. The i7 Skylake will do the equivalent of 140 MPH using Linux. But put Windows on this same processor and it will slow down to only 70 MPH. Thus, a Celeron Broadwell processor using Linux will be faster than a top of the line I7 Skylake processor running Windows!

January 2, 2018, Update: All Intel Processors subject to the Meltdown and Spectre Backdoors

On January 2, 2018, the Register news website broke the hugely important story that every Intel processor made during the past 10 years has two security flaws and that the patch for these flaws will slow down every Intel computer in the world by 10 to 30 percent. These flaws are called Meltdown and Spectre. https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

A partial patch for one of these problems based on a plan called Kaiser, was issued for all Linux computers on December 23, 2017. While Microsoft intended to issue a patch on January 9, 2018, a firestorm of protest caused them to issue an emergency patch on January 3, 2018. Keep in mind that folks are already complaining about the slowness of Windows 10. Imagine what will happen when these already slow computers are slowed down by another 10 to 30 percent. Suddenly, the speed advantage that Linux has over Windows is going to become huge. Think of Linux as a race car capable of going 120 Miles per hour and Windows as a giant truck not able to go more than 40 Miles Per Hour.

The Spectre Meltdown problem is the third major backdoor we have discussed in our book. First, we covered the Windows Operating System backdoor, which goes through holes in the Windows web browser. Second, we reviewed the Microsoft Kill Switch which uses design flaws in the UEFI Startup program. Now we will briefly discuss the design problems of Intel processors.

The reason we need to discuss these newly announced design flaws of Intel Processors is we just spent this entire section recommending Intel processors. Readers will want to know why were are recommending Intel processors when they have such serious flaws. There are two reasons. First, the flaws are much more serious for Windows computers than for Linux computers. Second, there are no models of Chromebooks using high resolution 15 inch screens that use Coreboot and also use a processor made by a company other than Intel. We are certain that as bad as the Meltdown and Spectre problems are, the danger of UEFI – which can remotely turn your computer into a brick in a matter of seconds - is much worse than the dangers presented by Meltdown and Spectre.

The Meltdown and Spectre problems were discovered in April 2017 by a 22 year old researcher named Jann Horn with Google Project Zero. You can read the research reports about these two problems at the following link:https://meltdownattack.com/

These new backdoors are truly frightening. If you went online to a malicious website and did not have JavaScript disabled in your web browser, the JavaScript from the bad website could access the core of your computer and steal all of your important passwords – giving hackers complete access to not only your computer but also your bank account and everything else you own. Google and Firefox are addressing this problem by placing restrictions in their browsers. But we have complained for years that JavaScript is dangerous.

But there is a much deeper danger we need to understand. At the root of the Intel processor problem is something that Intel calls “Speculative Calls.” This is where the name of one of the backdoors, Spectre, comes from. Spectre takes advantage of a flaw in Speculative Calls. In plain English, speculative calls are the Intel processor trying to “guess” what program you will try to load next on your computer and then starts “preloading” the program even before you ask your computer to load the program. Preloading the program will make your computer to appear to be faster than it really is. But the problem is that hackers can use these same speculative calls to gain access to all of your passwords.

On January 3, 2018, Linus Torvalds, the lead programmer for the Linux Foundation criticized the entire process of speculative calls: “Avoid speculative indirect calls in kernel...Any speculative indirect calls in the kernel can be tricked to execute any kernel code, which may allow side channel attacks that can leak arbitrary kernel data. Why is this all done?... A competent CPU engineer would fix this by making sure speculation doesn't happen.”

How could Intel Make Such a Terrible Decision?

In hindsight, the security problems with trying to preload programs all seems obvious. But we need to ask ourselves why Intel felt compelled to use preloading or speculative calls in the first place? The answer, as we have been complaining about for years, is the Microsoft severely bloated code. Both Windows and MS Office are so bloated that they take forever to load. So Intel has been trying to help Microsoft speed up by “preloading” these bloated Windows programs. Thus, we should not blame Intel. We should blame Microsoft for continuing to force such bad code on the rest of us. What we as computer users must face are the consequences of allowing Microsoft to pass off such bad code.

Why has Microsoft been allowed to pass off such bloated code for so many years?

The answer to this question is easy. The US Government is so corrupt that even though three different federal judges found Microsoft guilty of violating the Sherman AntiTrust Act, the US Government has allowed the Microsoft Monopoly to continue. Meanwhile, the situation has gotten so bad that it would cost Microsoft billions of dollars to clean up the bad code in Windows and MS Office. Even worse, cleaning up this code would likely require “breaking” all current Windows computers – meaning the end of the Microsoft Monopoly.

What Microsoft really needs to do is throw in the towel and simply tell people to use the Linux operating system with LibreOffice. In short, as long as we as people continue to allow monopolies like Microsoft to exist, we will continue to be stuck with bloated code and force chip makers like Intel to take dangerous short cuts such as preloading to hide the fact that the code is bloated.

Why Linux is Less Affected by Meltdown and Spectre

Because Linux and LibreOffice are both much cleaner code, there is less need for preloading. They are also less affected by the Kaiser patch because they were already very fast programs. Thus, slowing down Linux and/or LibreOffice will still result in them running much faster than Windows or MS Office.

How Much Does the Kaiser Patch Slow Down Linux?

If you are only using simple programs and not taxing your computer, you may not see any slowing down. The following are tests done comparing an Intel i7 “Coffee Lake” computer with a Solid State Drive and an Intel i7 “Broadwell” computer with a spinning drive (the purple bars are before the Kaiser Patch, the green bars are after the Kaiser patch). Both computers were running Linux. There was no before/after difference in the Frames per second for Video Encoding. There was a noticeable difference in Mega Bytes Per Second Test when loading a large file. But the biggest difference was with the latest generation of Intel, called CoffeeLake, when loading 1000 1 MB files:

The transfer rate after the Kaiser patch was by 50%. Meanwhile, there was only a 10% decline in the older generation “Broadwell” processor.

This is shocking because Intel has been saying that their latest generation of chips is less affected by this problem. In fact, there latest generation of chips is more affected than the older generation of chips.

Note that the loss of speed is likely to be much worse for Windows computers because they are already running slow. We predict that there will be problems – especially for Windows programs using the MS DirectX technology.

Organizations that have heavily leveraged Microsoft operating systems are more impacted than those who leverage Linux. Customers with large Linux deployments -- 200,000 servers or more -- report almost no impact to business operations. Carl Wright, General Manager TrapX Cybersecurity January 20, 2018

The Real Problem is not just a loss of Speed but an Ongoing Loss of Safety

This book is all about promoting the safest possible tools for sharing knowledge. We are certain that the problem is not Intel, it is Microsoft. There is no such thing as computer safety when using Windows. Nor is there safety when using the UEFI startup program. We will continue to monitor the Intel Processor problem. But there is more to this story that is coming out every day.

On January 9, 2018, Microsoft issued a statement admitting the Spectre and Meltdown would significantly slow down Windows computers – especially Windows servers – regardless of the Intel processor used by the server: “Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations.”

Caution

Microsoft lags behind Linux when it comes to access control. That is a problem, since the Spectre and Meltdown vulnerabilities depend on hackers having access to the hardware. My recommendation would be to not to use Windows-based servers until Microsoft offers better access control. Use Linux instead. Gene Shablygin, CEO WWPass Cybersecurity January 19, 2018

Spectre and Meltdown operate by making remote unauthorized changes. What the above writer means by Access Control is that Linux has a strong permissions system to prevent remote unauthorized changes while Microsoft does not. What the above writer fails to understand is that there is a reason Microsoft allows easy remote access. The reason is that Microsoft wants to be able to remotely access your computer to prevent pirating and maintain their profits and monopoly. Thus, it would be contrary to their business model to provide us with better access control.

The Spectre and Meltdown disaster may be a blessing in disguise as it may finally help computer users understand the need for access control which is another name for computer security. We will not have true computer security until the Microsoft Remote Access backdoor is finally ended. Given that Linux already dominates the server market, due to its greater speed and reliability, this new forced slow down of Windows servers could spell the end of Microsoft in the server market – and the beginning of the end of Microsoft in the consumer computer market.

There appear to be solutions for Linux computers. Kaiser has plugged the Meltdown hole and another tool called Repoline looks promising for plugging the Spectre hole. We have updated our Acer C910 Chromebooks to the Linux 4.4.109 kernel and they are as fast as ever. However, because Windows computers lack the security of Linux, things will only get worse for Windows users over time. As hackers get better at using these new backdoors into Windows computers, expect entire waves of new attacks in the coming months.

Equally important, many of the researchers who discovered Spectre and Meltdown have been quoted as saying what we been saying for years – that these “design flaws” aka hidden backdoors do not just happen by accident. Many of us believe that Intel never would have designed such problems in the first place. We suspect that Spectre and Meltdown are NSA designed backdoors.

How to Turn off JavaScript in Firefox

The other real problem is what to do about the danger of JavaScript attacks when on the Internet. If you are concerned about any kind of JavaScript attack, you can turn off JavaScript in the Firefox browser. Open Firefox and click Tools, Addons. Alternately, you can click on the Firefox Menu. Then click Addons. Then type NoScript into the Search Box.

Then click Install. Then click Add. Then click Custom Setup. Then click Custom. NoScript blocks Javascript from all but a list of selected and trusted websites – and you can add more sites to the list if you want. If a site is not on the trusted list, the Javascript from that site is blocked until you change it to trusted.

What’s Next?

In our next section, we will explain how to replace the 32 GB Solid State Drive with a 256 GB Solid State Drive